[exprtk] Enable loop upper-bound runtime checks in the fuzzer (#4789)

Arash Partow 2020-12-07 06:52:24 +11:00 committed by GitHub
parent b9e6a5fc74
commit f14497dba0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 20 additions and 4 deletions


@ -15,6 +15,7 @@
#include <cstdint> #include <cstdint>
#include <string> #include <string>
#define exprtk_enable_runtime_checks
#include "exprtk.hpp" #include "exprtk.hpp"
@ -24,6 +25,7 @@ void run(const std::string& expression_string)
typedef exprtk::symbol_table<T> symbol_table_t; typedef exprtk::symbol_table<T> symbol_table_t;
typedef exprtk::expression<T> expression_t; typedef exprtk::expression<T> expression_t;
typedef exprtk::parser<T> parser_t; typedef exprtk::parser<T> parser_t;
typedef exprtk::loop_runtime_check loop_runtime_check_t;
T x = T(1.2345); T x = T(1.2345);
T y = T(2.2345); T y = T(2.2345);
@ -40,11 +42,25 @@ void run(const std::string& expression_string)
expression_t expression; expression_t expression;
expression.register_symbol_table(symbol_table); expression.register_symbol_table(symbol_table);
loop_runtime_check_t loop_runtime_check;
loop_runtime_check.loop_set = loop_runtime_check_t::e_all_loops;
loop_runtime_check.max_loop_iterations = 100000000;
parser_t parser; parser_t parser;
parser.register_loop_runtime_check(loop_runtime_check);
if (parser.compile(expression_string, expression)) if (parser.compile(expression_string, expression))
{
try
{ {
expression.value(); expression.value();
} }
catch (std::runtime_error& rte)
{}
parser.clear_loop_runtime_check();
}
} }
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
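Review bot: The cap set with `loop_runtime_check.max_loop_iterations = 100000000;` is very high for a fuzz target, and if exprtk applies it to each loop separately (not visible here), nested loops in a generated expression can still run long enough to hit the fuzzer's per-input timeout, which is presumably what this change is meant to prevent. A much smaller bound, for example `loop_runtime_check.max_loop_iterations = 100000;`, keeps every input cheap while still exercising the loop nodes. The empty handler also binds an unused name and gives no reason for dropping the exception; `catch (const std::runtime_error&) {} // loop limit exceeded: expected for fuzz inputs` states the intent, and `<stdexcept>` should be included directly rather than relied on through exprtk.hpp. The body of run() begins outside these hunks.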